Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c6ddb5de by Salvatore Bonaccorso at 2022-03-25T21:21:58+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -153,7 +153,7 @@ CVE-2022-1066
CVE-2022-1065
RESERVED
CVE-2022-1064 (SQL injection through marking blog comments on bulk as spam in
GitHub ...)
- TODO: check
+ NOT-FOR-US: forkcms
CVE-2022-1063
RESERVED
CVE-2022-1062
@@ -913,7 +913,7 @@ CVE-2022-26017
CVE-2022-25841
RESERVED
CVE-2022-1040 (An authentication bypass vulnerability in the User Portal and
Webadmin ...)
- TODO: check
+ NOT-FOR-US: Sophos
CVE-2022-1039
RESERVED
CVE-2022-1038
@@ -1615,7 +1615,7 @@ CVE-2022-27194
CVE-2022-0989
RESERVED
CVE-2022-0988 (Delta Electronics DIAEnergie (Version 1.7.5 and prior) is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2022-0987 [PackageKit: Information Disclosure in Transaction Interface via
timing]
RESERVED
- packagekit <unfixed>
@@ -4160,7 +4160,7 @@ CVE-2022-26265 (Contao Managed Edition v1.5.0 was
discovered to contain a remote
CVE-2022-26264
RESERVED
CVE-2022-26263 (Yonyou u8 v13.0 was discovered to contain a DOM-based
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: Yonyou u8
CVE-2022-26262
RESERVED
CVE-2022-26261
@@ -5880,11 +5880,11 @@ CVE-2022-25614
CVE-2022-25613
RESERVED
CVE-2022-25612 (Multiple Authenticated Persistent Cross-Site Scripting (XSS)
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-25611 (Authenticated Stored Cross-Site Scripting (XSS) in Simple
Event Planne ...)
- TODO: check
+ NOT-FOR-US: Simple Event Planner plugin
CVE-2022-25610 (Unauthenticated Stored Cross-Site Scripting (XSS) in Simple
Ajax Chat ...)
- TODO: check
+ NOT-FOR-US: Simple Ajax Chat
CVE-2022-25609 (Stored Cross-Site Scripting (XSS) in Yoo Slider – Image
Slider & ...)
NOT-FOR-US: WordPress plugin
CVE-2022-25608 (Cross-Site Request Forgery (CSRF) in Yoo Slider – Image
Slider & ...)
@@ -5892,7 +5892,7 @@ CVE-2022-25608 (Cross-Site Request Forgery (CSRF) in Yoo
Slider – Image Sl
CVE-2022-25607 (Authenticated (author or higher user role) SQL Injection
(SQLi) vulner ...)
NOT-FOR-US: WordPress plugin
CVE-2022-25606 (Multiple Authenticated Stored Cross-Site Scripting (XSS)
vulnerabiliti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-25605 (Multiple Authenticated Stored Cross-Site Scripting (XSS)
vulnerabiliti ...)
NOT-FOR-US: WordPress plugin
CVE-2022-25604 (Authenticated (contributor of higher user role) Stored
Cross-Site Scri ...)
@@ -5979,7 +5979,7 @@ CVE-2022-25584
CVE-2022-25583
RESERVED
CVE-2022-25582 (A stored cross-site scripting (XSS) vulnerability in the
Column module ...)
- TODO: check
+ NOT-FOR-US: ClassCMS
CVE-2022-25581 (Classcms v2.5 and below contains an arbitrary file upload via
the comp ...)
NOT-FOR-US: Classcms
CVE-2022-25580
@@ -5989,7 +5989,7 @@ CVE-2022-25579
CVE-2022-25578 (taocms v3.0.2 allows attackers to execute code injection via
arbitrari ...)
NOT-FOR-US: taocms
CVE-2022-25577 (ALF-BanCO v8.2.5 and below was discovered to use a hardcoded
password ...)
- TODO: check
+ NOT-FOR-US: ALF-BanCO
CVE-2022-25576 (Anchor CMS v0.12.7 was discovered to contain a Cross-Site
Request Forg ...)
NOT-FOR-US: Anchor CMS
CVE-2022-25575 (Multiple cross-site scripting (XSS) vulnerabilities in Parking
Managem ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6ddb5dedda729a12e8e9de4116841fbcc0692c8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6ddb5dedda729a12e8e9de4116841fbcc0692c8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
